New PayPal Scam Wants You To Verify Bogus Transactions
It’s holiday time, and shoppers around the globe are snapping up deals wherever they can be found online. That includes millions of PayPal users, whom cybercriminals are targeting with a fresh round of email attacks.
Researchers at Malwarebytes Labs posted a report on the scam this weekend. Like other PayPal phishing attacks, this one makes use of the PayPal logo, and the sender’s address appears to be email@example.com. An order number is referenced and the message claims that the would-be victim needs to click a link in order to verify the transaction.
The order number is completely bogus, however, and the button that claims to take you to the PayPal website actually redirects victims to epauypal.com. Once there, visitors will see forms that look fairly convincing. They ask for the kind of personal data that identity thieves are after: name, date of birth, address, mother’s maiden name, and a credit card number.
The site has a valid SSL certificate — so the lock icon in your browser will go green to mark it “safe” — and a handful of security certification images are thrown in for good measure (including Verisign and Symantec). It’s all for show, of course.
Observant PayPal users should note a few glaring mistakes. There’s the header bar, which is missing a link for help. There’s no alarm bell for notifications or a gear icon that you can click to update your account settings. Victims also don’t have to log in to get to these forms, which should set off alarm bells.
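Because the valid certificate and the logos prove nothing, the hostname is the one signal worth checking mechanically. The Python below is an added example (not from the Malwarebytes report or from PayPal) that pulls link targets out of an email body and flags hosts that are not paypal.com but sit within a small edit distance of the brand, as epauypal.com does; it also flags hosts that embed the brand in another label. The sample email, its order number and paths, and the distance threshold of 2 are constructed assumptions.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

TRUSTED = "paypal.com"  # the only domain the article tells readers to use

# Constructed sample email body (order number and paths are made up).
SAMPLE_EMAIL = """<p>Order #000000 needs verification.</p>
<a href="https://epauypal.com/verify">Go to PayPal</a>
<a href="https://www.paypal.com/help">Help</a>"""

class _Links(HTMLParser):
    """Collect the href of every <a> tag."""
    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]

def edit_distance(a, b):
    """Levenshtein distance, computed row by row."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify_host(host, trusted=TRUSTED, max_dist=2):
    """Return 'trusted', 'lookalike' or 'other' for a hostname."""
    host = host.lower().rstrip(".")
    if host == trusted or host.endswith("." + trusted):
        return "trusted"
    brand = trusted.split(".")[0]
    labels = host.split(".")[:-1]  # ignore the TLD label
    if any(brand in l or edit_distance(l, brand) <= max_dist for l in labels):
        return "lookalike"
    return "other"

def scan_email(html):
    """Return (href, verdict) for each link in an HTML email body."""
    parser = _Links()
    parser.feed(html)
    return [(h, classify_host(urlsplit(h).hostname or "")) for h in parser.hrefs]

if __name__ == "__main__":
    for href, verdict in scan_email(SAMPLE_EMAIL):
        print(f"{verdict:10} {href}")
```

A "lookalike" verdict is a reason to quarantine or warn, not proof of fraud; the threshold trades missed variants against false positives on short, unrelated names.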
How To Stay Safe
The best way to handle a situation like this is to visit the PayPal website directly. Don’t click a link in an email message, even if you’re certain it really did come from PayPal. If you go to the paypal.com website and sign in to your account, you’ll be able to see any issues that might be affecting your transactions.
Just head to the settings page and click the notifications link. While you’re there, you should enable two-factor authentication if you haven’t already done so. Click the security link and then click edit next to “security key” to turn it on and add a second layer of protection to your account.